Given the impending doom of IPv4, I thought I’d try and setup my site to be accessible over IPv6. Thankfully my webhost has dual-stack connectivity in their datacenter. They also assign IPv6 addresses for free, in fact they gave me 65,537 addresses.[^1]
nginx setup was trivially easy, I re-compiled the software adding the
--with-ipv6 flag, then added the line
listen [::]:80 to my vhost files (or indeed
listen [::]:443). This was in addition to the usual listen directive.
Getting IPv6 configured correctly on the system took a little more working out. In the end I think I have simplified my configuration even for IPv4. I use Debian 7 which comes with the newer iproute2 package to manage network connections. With the stored settings in
/etc/network/interfaces. This is mine:
[bash] # This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback # This line makes sure the interface will be brought up during boot auto eth0 allow-hotplug eth0 # The primary network interface iface eth0 inet static address 18.104.22.168 netmask 255.255.255.0 gateway 22.214.171.124 # dns-* options are implemented by the resolvconf package, if installed dns-nameservers 126.96.36.199 188.8.131.52 184.108.40.206 220.127.116.11 dns-search localdomain # up commands up sysctl -w net.ipv6.conf.eth0.autoconf=0 up sysctl -w net.ipv6.conf.eth0.accept_ra=0 up ip addr add 18.104.22.168/24 dev eth0 up ip -6 addr add 2001:1af8:4100:a00e:4::1/64 dev eth0 up ip -6 ro add default via 2001:1af8:4100:a00e::1 dev eth0
This sets up the default IPv4 address and a default gateway. Then once the interfrace is brought up at boot time the
ip command is invoked, which is a part of the iproute2 package, to add a second IPv4 address. Then add an IPv6 address and the default route to use when communicating over IPv6.
You’ll notice I also use the
sysctl command to change some system settings. These stop the system trying to assign itself an IPv6 address and to not listen to router advertisements. I think these were causing my IPv6 connection to drop.
Now my system is setup as so:
[bash] ➜ ~ ip addr show eth0 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000 link/ether d4:ae:52:c5:d2:1b brd ff:ff:ff:ff:ff:ff inet 22.214.171.124/24 brd 126.96.36.199 scope global eth0 inet 188.8.131.52/24 scope global secondary eth0 inet6 2001:1af8:4100:a00e:4::1/64 scope global valid_lft forever preferred_lft forever inet6 fe80::d6ae:52ff:fec5:d21b/64 scope link valid_lft forever preferred_lft forever
[bash] ➜ ~ ip -6 ro 2001:1af8:4100:a00e::/64 dev eth0 proto kernel metric 256 fe80::/64 dev eth0 proto kernel metric 256 default via 2001:1af8:4100:a00e::1 dev eth0 metric 1024
Even though I don’t have IPv6 at home yet, my site should be connectible over IPv6.
[^1]: I was given the IP addresses
::FFFF, that’s 216 addresses.
*[IP]: Internet Protocol